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(57) Abstract 

In a method and a de- 
vice for partial encryption and 
progressive transmission of im- 
first section of the ™- 
^T„ le is compressed at reduced 

quality without decrypdon and 
a second section of the -mage 
file is encrypted. Us«shaving 
access to appropriate de^uon 

keywords can decrypt thu sec- 
ond section. The fint ^ 
together with the decrypted sec 
^section can then brewed 
as a full quality irnage. The stor- 
age space required for storing the 
togedter^ 
sentially the same as the stor 
^Tpace required for storing 
the unenaypted full quality unc- 
age. By using the method and 
olvice as described herem ^or- 
aee and bandwidth requirements 
for partially encrypted images « 
reduced. Furthermore, object 
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A METHOD AND A DEVICE FOR ENCRYPTION OF IMAGES 

TECHNICAL ™ tQ a method ^ a device for 

The present invention relates to 

encrypting images. 

BACKGROUND OF THE INVENTION AND PRIOR ART 

BACKGROUND technical field which becomes 

Encryption of dxgxtal data xs a t informat ion or 

important when transmittxng and storxng secret 
Z ormation which only shall he available to a user payxng for 
the information. Thus, several methods for ^^XTLo 
da ta are in frequent use. Such methods can also be applxed also 
to digital image data. Examples of encryption methods are DES , 
triple DES and the public-key RSA method. 

Digital images can - store. - — „ 

teleccaeunication networ* - ^^Heoiu* such aa a CD-ROM. 
be distribute* using a f^fjf ^ olrol thaC suits . 

Service r^^^T^ be 
their business model. J***' useIS ^ £ull access to 

offer partial access to-, sat ^ ^ be 

^d^rT to P^nt a. users f ro„ baving «U access 

to all image data. 

be offered for sale on the Internet. 
News photographs can eg. customers to download a 

The service provxder wants to all ° evaluation, 
version of the image with reduced quality fo ^ 
JO umals ( that want to publxsh » 
are then allowed to download a full qualxty 

However, suet a service provider wants to ~~~~ 
Md download bit rates. » -age ^^^^ «. gi ven 

^ ^t ^ —Storage 
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It is also essential that customers always can access ^ s 
X user friendly, standardise* software. Image providers are • 
reluctant to design and support special image viewers and 
customers don't want a proliferation of viewing tools. 

Presently. image providers have to store two versions of the 
i^ges stored. The full quality version is stored as an 
encrypted image file. This means that the image first is 
^feesed and stored in a confessed file format «* - 
oHlF The compressed file is then encrypted using a suitable 

ZZ£ «^«* - ^ ted ta - £ile is ; tored ; J" user 

decrypt this file and then access 
compressed image file using an i^nage viewing tool Reduced 
quality images are produced by processing the full ***** _ 
Lges in an image editing program. They are stored as separate 
compressed image files. 

Z7Z iralso he transmitted over the 

. cage a customer first wants to 

remote access in the case a resolution 
low resolution image before paying for the full 

version. 

l*. in a significant disadvantage if the reduced 
This results in a sign £raction o£ the image 

version image concern: , a ^ ^ CQ jourMls would 

formation. Images that ar of 

*» P-icular b. a detailed understanding of 
since journal editors wan higbes t quality for 

the image content and accepts <£^J ^ °* °* 

printing. The reduced quality imaa 

= the full quality image, 
storage space of tne xuj-j. h 

which is descrio includes many new 

verification Model Version 2.0, coding 

fU nctionalities in ^ for creating a 

r^-"z-££ — Each ipplication domain 
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can select e suitable progression mode ^^f^ 
within linages can be accessed separately m the JPEG 2000 
hitttream Ld progressive transmission can he applied also to 

'.00 there is also support t or independently 

decodable coding units. 

SUMMARY 

It is an object of the present invention to overcome the 
problems as outlined above and in particular to reduce the 
Lount of memory required for storing an 1_. which partially 
than be possible to view, and also to reduce transmission tune 

in a transmission scheme transmitting partially encrypted. 

images. 

This object and others are obtained by a technique for partial 

I « and nrooressive transmission of images where a first 
rccTo £ 'i^f ile cm be depressed at reduced quality 
without decryption, i.e. the first low quality image - not 
encrypted, and where a second section of the image file is 
encrypted . 

users -ng access ^o J^^^S - 

decry pt ^27tZZ Z "en - viewed as a full quality 
decrypted second section can storin g the first and 

ina ge. The storage ^ storage space 

^ir^^TS^ -X ^lity image. The 
required for ™* section may , depend ing on the 
encryption of the seco expansi on of the second 

encryption method, imply a slxgh xp 
section compared to the unencrypted secon 

i be partitioned into multiple sections where 
The image can also be P«^° an individual encryption 

each section may be encrypted with encrypted. 
me thod and byword, some as described 

*n important element of the method an a ^ of 

herein is that the compressed images 

makes it 

independently decodable coding « *t C0 > • 
oossible to perform encryption operations 
To^in without performing entropy decoding. 
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A reduced quality image can be produced according to several 
different main schemes, sucn as: 

1) Reduced resolution 

2) Reduced accuracy of the transform cceffrcrents 

3, Exclusion of predefined regions of interest (ROD 

T.ese methods can be combined so that a reduced quality i»ag. . 1. 

^ v^+-v. i-hP resolution and the accuracy 

e.g. produced by reducing both the resoiuto. 

of the transform coefficients. 

By using the method and device for storing and transmitting 

ZZ data as described herein, several advantages are obtained. 

t-n store two different versions of an 
mu,, G f here is no need, to store uw« 

Thus, tnere is acces s to different quality 

■_ aae if different users are to have access ^ 
7the one and same image. Also, transmission times 
tar if the infection content of theirs, £w „so nt on. 
i.nage data can be reused when transmitting the higher 
image data . 

r^SL — d in .ore detail and 
Tth reference to the acco^anying drawings, in which. 

* -v,o HiP structure of an image. 
. p ig . 1 is a general view of the file stru according to 

. Figs. 2a and 2b shows encryption of images cod 

r. f --re illustrating see steps carried out 

"tg^TstdirgraTrilnstrating a client server process. 
Fig. 5 is a view of an encryption header 

DETAILED DESCRIPTION structure of an original, 

m Fig. 1, a general view of the file ^ 

high resolution, ^V^^ndependently decodable coding 
consists of a number of £Ue structure shown in Fig. 

sections 101, 103 and 105 n the file ^ ^ ^ ^ 

lf the section "^ ^^thout encryption and will therefore 

resolution image, is cooea 

be possible to decode by any receiver. 
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-™ 103 which comprises data, which combined with the 
The ^f 10 ^ 1 "'^^^ in a .ediuxn resolution version of 
data of section 101, resiuu f<T ._ t encryption 

the high resolution image, is encrypted using a first encryp 

117 and only receivers having access to the correct 
TX'^Z will >e ahle to decode the data stored in the 
section 103 . 

. „ ^ wVivch combined with the 

fc4 „ nn c which comprises data, wmcn ^wuwj. 

ect "and 103 results in . full resolution version 
^ high resolution image, is encrypted using s second 
"Lotion method, and only receivers having access to the 
encryption *ey be able to decode the data stored rn the 

section 105. 

decoding o £ the section - ---- - doling of the 

section 103 win, cuu Decrvotion 113 and 

101 result in a mediu. ^reso lutron — data 

^Torand^resnXt in a full resolution image 



115- 



cementation in che^SC - 

range o£ progressive modes can he supported. 

• 2 0 a coding unit is a part o£ 

m JPEG 2000 verification o£ , 9iven 

the bitstream that encodes a spec fr=^ * ' as any 

subband. m general, a ^^^ge inro-tion. The general 
independently decodab le subset o ^ „ include so 

^chanism for specifying the bit ^ 
C aUed tags that speci res ^ bUplane ord er 

sufficient to specify the suno ^ header chat 

xis rsrsE - — ^ bits ttet 

are needed for inserting explicit tags. 
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In Figs. 2a and 2b block diagram describing bow encryption can 
be implemented in tbe JPEG 2000 encoder and decoder 
respectively, are shown. 

Thus in Fig 2a a block diagram where encryption is performed 
Ifter entropy coding in the encoder is shown. Coding units enter 
an entropy -ding block 201. In the block 201 coding the cod^g 
L» are entropy coded using some suitable entropy 
output from the block 201 is fed to a selector whrch selects a 
Stable encryption method for each entropy coded codrng unit, 
some coding units can be selected to not be encrypted at all. 

X» response to the selection made in the selecto. r 20= . the 
entropy coded coding units are encrypted rn a block 
encrypted coding units together with the not encrypted coding 

then form a combined output data stream which can be 
stored or transmitted . 

v. for decoding the bit stream generated by 

in Fig. 2b a decoder for aeco g encrypted and not 

the encoder in Fig. 2a is sho- Thus^ - -ryp^ ^ 

ZT£:T:^>°e decryption method for each entropy 
whxcn seiecub <x ^ vmit is not 

coded coding unit, or if the received coding » 
encrypted it is directly transmitted to a block " 

In response to the selection made in the '^J*^ a 
entropy coded coding units are ^ ics are 

suitable Tn thTbtoc^SS the coding units 

then fed to the block 255. decryption 
Ero m fed directly from tbe selector . COTbined 

bl ock 252 are entropy — stream which is fed 

output data stream corresponding to the data 
to the entropy coding block 201 m Fig. 2a. 

Eac h coning unit in ^ ransmiss i. schwas 

Fig s. 2a and 2b is handled « J separa cely with any user 

Bach coding unit can als- be encryp ^ ^ ^ ^ 

rrenl^nrdttrL encryption methods. ,he 
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a Fig 3 a flow chart illustrating different steps carried out 

L« 3 01 is then coded using a coding algorithm generating 
in step 301 is tnen co« a 
independently decodable coding units, e.g. JPEG 



303. 



• ste p 305 some of the coding units of the image coded 
N ext ( m a step *<>*>• le encrypt ion method, 

in step 303 are encrypted using encrypted 
such as DES . The coding units that are can 
can be set in accordance with user ^^^^r order 
choS e to have coding units ^ 

Mt ^r jt^'^^- ™ merged into a 

and the coding units wniu 
single bit stream. 

In n, a rlow -rt U^^^^ET- 
when transmitting ah iaage encoded -c-d^ ^ # ^ 

Ascribed in ^ ' ^ ^ 40l can then issue 

401 is connected to a serve partioular ircage, step 

a request towards the server « 



405 



Tte server ,03 replies by ^J^^^TT ^ 
im age which are not ^ P clienc who now will have 

coding units cah be decoded by the cli ^ 
access to a low -solution vers- o- par sh ^ ^ ^ ^ 
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client transmits a request to the server requesting such 
information, step 409. 

The server replies by sending a request to the client requesting 
the client to agree to the conditions for transmitting the 
higher resolution version of the image, step 411. If the client 
agrees via a message 413, e.g. comprising a card number or 
account number from which to bill the cost for the image, the 
server sends the encrypted coding units together with a key word 
by means of which the encrypted coding units can be decrypted, 
step 415. A secure method for key distribution should be used. 
Examples of such secure methods are described in W, Stallings 
-Data and computer Communications-, p 635 -537, Prentice-Hall 
1997 fifth edition ISBN 0-13-571274-2. 

If the client already has access to the unencrypted and 
encrypted coding units, for example if he has purchased a CD-ROM 
wit^mages coded as described herein. The scheme as described 
in conjunction can be modified so that no image data xs 
Emitted, instead the client only agrees to condxt.ons se ^by 
the server in order to have access to the key word s) which are 
required to decrypt the encrypted coding units of the CD ROM. 

Xn the case when the method anc . device as described herein is 

US ed when encoding ^s not standardise 

is advantageous the «^ 0£. ^ ^ ^ ^ 

encryption methods £ja ryp ^ ^ . g merged with 

- — - ~«» ~ C ° din9 • 

units are decrypted. 

*~Hmant the JPEG 2000 image header contains an 
In such an * then Mt u my codin g unit is 

Encryption W BP. E aM shQuid chen be appended to 

rh C eTp E r 2 o: ^header and encryption information can 
optionally be merged into JPEG 2000 Tags. 

xn Fig 5 an encryption header is shown. The Encryption Header 
can in' such an sediment contain the following symhols. 
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l) Encryption Mode (EM) . A set of standard encryption modes are 
defined e.g. 

a) One encryption method is used for all coding units 

b) Bitplanes of less significance than bitplane X are encrypted 

c) Subbands of higher resolution than Y are encrypted 

d) ROIs specified in are encrypted, etc. 

No encryption information need to included in the Tags an EM 
is defined. 

2) Encryption Mode Parameters (BMP). Parameters (X, Y. ...) that 
are used to define the Encryption Mode are set here. 

3) Number of encryption methods used. Several encryption methods 
can be used within the same image if e.g. different user groups 
should be allowed to see different image content. 

4) One Encryption Method Descriptor (EMD) for each encryption 
method The EMD defines any data that is needed by the 

decrypted *ey i used by ^ _ to 

i^age coding units^ The or ^ ^ 

each encryption method. Tms numu 

s) The bitstrea, «t tor each coding ^ one 
encrypted and if so by what method. This is done by 

. state (OES) symbol per coding unit. These 

omt Encryption state , ymc ^ encryption header or 

symbols could either be <=° bitstream as encryption 

alternatives he distributed in th e b1 ^™ n header we 

tags. » the UES information is Kept i the encryp ^ ^ 

define a header element - Encrypt- . State W ^ Qtder ^ 
a series of OES symbols that are listed in the 
coding units appears in the bit stream. 

„ EF is set and the Encryption State is not given in the 
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deader JPEG 2000 Tags can be expanded to contain Unit 

Z Zlion State (DBS) symbols. DES defines which encryption 

^ If i. — - encrypting the next coding 



unit . 



Th e transform coefficients belonging to a ROI can be handled as 
! Zl above They can be completely or partially encrypted 
described above^ They belong ing to the ROI for 

by selecting appropriate cooing 

encryption . 

tt.'-in prone* is that the shape o£ the ROI **t reveal the 
content. If the shapes are encrypted it is. 
to show a reduced quality image since it rs drffxcult to 
interpret the coded transform coefficients. 

v.-, be solved by defining a so called cloaking 

T *TsZ^ Thus the rial shape of one or several ROIs are 
shape (c-shape . T*». ^ ^ designe(J „ 

rr^ve 1 ^: concent. A s^le e^le of a c- 
shape is a bounding box. 

POT in the JPEG 2000 bit 
x c-shape is "eated as one s^gle RO 1~ _ ^ 

stream. The c-shape r coded wrth verl£ication Mod el 

darilaos <*»«°>~°" technique as described therein 
version 2.0. According to the te gu ^ ^ ^ 

this would result in that the shape 
header . 

> mask is created using the . ^ elated 
coefficients ° herei L Thi s will result in that 

using the method as R01s that are shielded 

all coefficients belonging to any of ^ ^ 

by the c-shape are encrypted. The tex 
protected by encryption. 

T ha shape of the « - enc^a. ^ins^ « 
encryption header. The encr ^ corre sponding c-shape. 

r^rcat ~ = r — • * - 
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k .Slaved as a blank region. The original ROIs can 
TV ITjlt lTZtorl is known. This is done by decrypting 
I coerftc ents begging to the c-shape. .he sbape of 
longing to tbe c-shape is also decrypted. ~ 
now be rearranged so that the c-shape is dropped and the 

::ig" a nox «. **. ^t - 

done in the compressed domain. 

The mas* that is use, for encoding a ROI is not -™^f 

in JPEG 2000. A mas* that is sufficiently large so that the ROI 

Ts encoded lossless will often cover the whole lower subbands A 

"sHnat is not allowed to expand will lead to a lossy encodmg 

" the « The masfcs belonging to different ROIs or to a ROI 

end the background can be designed to overlap. This means that 

ff . , pnts are encoded in more than one ROI. Sucn 
some coefficients are eii<_u"= rois 
... lwM , w. . reduced overall compression but the ROIs 
overlap will lead to a reauce acceS sed and decoded 

are more independent so that any ROI can be accessed 

with a good visual result. 

-v,„ri <=or ROIs described herein is not 

- TT-TSL" TZZVZ, as the mas* is selected 
dependent of the chor reconstructed from the 

„ that the =-t^ » £M bUildin9 4 

content of any other ROI or b gr ribed in charilaos 

— ~ 0 Vacation Model version 2 .0. 
Christopoulos (ed.), 

B y nsing the method and device ^^Z^T " 
b end.idth requirements '"f^^^l- and processing of 
reduced. Furthermore. ^/ R0IS can be encrypted. 

encrypt ed f ^ttcrypt- and the original 

^tber advantage is that enc ^^"^ "J" since 
performed at the same t-e a e c ^ (>t cbe 

tte process «£» £~ - ^ * ^ all image s without 
hitstream syntax) I P £orm ed just before 

encryption. The «^*~ Ula nscoder, . In this case. 

transmitting the image by a parser 
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*v, a h 4t-rate which will be the case 
i£ th e enc^icn increases «- ^ iMreaM ta bitrate 

transmitting it- 
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CLAIMS 

1. A method of partially encrypting image data comprise, the 

fcoding'the ^ data using an encoding algorithm generating 
independently decodable coding units, 

- encrypting at least one ot the coding unats, and 

- ^fng elding units which are not encrypted with codxng umts 
which are encrypted into a combined bitstrean. 

2 a method according to claim 1. characterised in that the not 
encrypted coding units correspond to a low resolution version of 
the image data* 

3 A method according to any of claims 1-2. characterised in 
Lc different coding units are encrypted using different coding 
methods . 

« A method according to any of claims 1-3. ^"^"[^ 
thet an encryption fleg. which indicates if a ocean, unit is 
encrypted, is inserted in the bit stream. 

. a method according to eny of claims 1 - «. when information 

- Reaion of interest is encrypted, 
^.rrd t IZT- shape - the region of merest is 
enclosed in a cloaking shape. 

* -rtial encryption of image data characterized 
6. A device for partial enuxyv 

Xans for coding -J^^I^ST 
one of the coding which not encrypted with 

to a low 'resolution version of the image data. 
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S . A device according to any of claims 6-7. character i«.d by 

coding methods. 

. A devloe according to any of claims 6-8. caaraoteriaed by 

^ inserting an encryption flag, vnich indites if . 
coding unit is encrypted, il> tne bit stream. 

10 A device according to any of claims 6-9, ch^eteri.ed by 
ieans foTenclosin, a region of interest shape in a cloaUng 



shape. 
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